View: Named Chains
Incomplete
Type: Implicit
Objective
This view displays Named Chains and their components.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-680 | Integer Overflow to Buffer Overflow | The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow. |
| CWE-690 | Unchecked Return Value to NULL Pointer Dereference | The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. |
| CWE-692 | Incomplete Denylist to Cross-Site Scripting | The product uses a denylist-based protection mechanism to defend against XSS attacks, but the denylist is incomplete, allowing XSS variants to succeed. |
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.